000032850 - Does Web Threat Detection  Use SSLv2 Encryption in RSA Web Threat Detection 3.0.2

Document created by RSA Customer Support Employee on Aug 10, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000032850
Applies ToRSA Product Set: Silver Tail
RSA Product/Service Type: Mitigator - Silver Tail
RSA Version/Condition: 3.0.2 EOPS Reached
Platform: Linux
IssueCan someone confirm if SilverTail has SSLv2 encryption enabled or if it is used for the application?  If so, can we turn it off without any impact to application functionality?
 Also I would like to know what connections are you referring to in our WTD system?
ResolutionYour question is this --- 
SilverTail has SSLv2 encryption enabled or if it is used for the application? If so, can we turn it off without any impact to application functionality?  
 Also I would like to know  what connections are you referring to in our WTD system?
Refer the customer to the "WTD System Management Guide" Chapter 7 on Certificate Management.starting at page 33.  The whole chapter should be read, we suggest.   
This documenation is available in Secure Care Online.  https://knowledge.rsasecurity.com/scolcms/

 SSL Certificates and Key Encryption
You have three options for key encryption:
1. No encryption – keys copied over to the server via the file system are not encrypted, but are available for management via the Certificate Management Interface (CMI)
described below.
2. Software encryption – keys imported via the CMI are automatically encrypted (PKCS8 format).
3. Hardware encryption – keys imported via a Hardware Security Module (HSM) are encrypted as per the module. While hardware encrypted keys are visible in the CMI, you cannot manage them via that interface.
Certificate Management Via the Certificate Management Interface
(CMI)

RSA Web Threat Detection SilverTap depends on access to web traffic in order to help detect and prevent fraud. Because most of this web traffic is encrypted, and SilverTap accesses web traffic before it is decrypted, each SilverTap installation requires access to the site’s digital certificates for decrypting in order to analyze the traffic. It is important that as much traffic as possible is decrypted so that Web Threat Detection products can be more effective by analyzing a more complete set of web transactions.
The Certificate Management Interface (CMI) shows information for the digital certificates for your site. You can use it to ensure that as much of your site’s traffic is decrypted as possible.
Using the CMI, you can add and delete certificates, see which certificates are expired or will be expiring soon, find out which certificates are missing, and export the information in comma separated value (CSV) format.

Attachments

    Outcomes